
Acunetix

Acunetix is a web vulnerability scanner automating discovery and remediation of OWASP Top 10 vulnerabilities across web applications.

Installation

Linux

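# Download and install
# The archive is fetched over HTTPS but nothing here verifies it before
# install.sh runs as root: compare the digest with the checksum the vendor
# publishes for this release (placeholder: <vendor-published sha256>) first.
wget https://releases.acunetix.com/acunetix/linux/acunetix_linux_x64.tar.gz
sha256sum acunetix_linux_x64.tar.gz   # must equal <vendor-published sha256>
tar -xzf acunetix_linux_x64.tar.gz
# "cd ... &&" keeps the installer from running in the wrong directory when
# the extracted folder is not named as expected
cd acunetix && sudo ./install.sh

# Start service
sudo systemctl start acunetix
sudo systemctl status acunetix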

Docker

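# Pull and run official image
# Pin a tag or digest (placeholder: acunetix/acunetix:<tag>) for anything
# reproducible; an unpinned name resolves to whatever "latest" is today.
docker pull acunetix/acunetix
# Bind the console to loopback only: "-p 3443:3443" publishes it on every
# interface of the host, while the access URL below is localhost anyway.
docker run -d -p 127.0.0.1:3443:3443 --name acunetix acunetix/acunetix

# Access: https://localhost:3443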

Scan Configuration

Create Scan via API

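# Get API token (from web UI)
# Read the token from the environment instead of hard-coding it, so it does
# not end up in shell history or version control (ACUNETIX_API_TOKEN is the
# variable used in the "Environment Variables" section of this page).
# NOTE(review): Acunetix's documented REST API sends the API key in an
# X-Auth header; confirm that this deployment really expects X-API-CSRF,
# which is what every example on this page uses.
API_TOKEN="${ACUNETIX_API_TOKEN:-your_api_token}"
TARGET_URL="https://example.com"

# Create scan
# Build the body with jq rather than splicing "$TARGET_URL" into a quoted JSON
# literal: a URL containing quotes or backslashes would otherwise break, or
# alter, the JSON. The body goes in via stdin (--data-binary @-) so it is not
# part of the argument list. The token header is still visible in `ps`;
# on shared hosts pass it from a file with -H @file instead.
jq -n --arg address "$TARGET_URL" \
  '{address: $address, description: "Full scan", profile_id: "1"}' |
curl -X POST "https://localhost:3443/api/v1/scans" \
  -H "X-API-CSRF: $API_TOKEN" \
  -H "Content-Type: application/json" \
  --data-binary @-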

Scan Profiles

# Get available profiles (pretty-printed)
curl --silent "https://localhost:3443/api/v1/scanning_profiles" \
  --header "X-API-CSRF: $API_TOKEN" \
  | jq '.'

# Profile IDs as listed on this page — the server reports the authoritative
# ids, so confirm them against the output above:
# 1 - Full Scan
# 2 - High Risk Vulnerabilities
# 3 - Malware Detection
# 4 - Mobile Scan

Common Scanning Tasks

Command | Description
Create full scan | Full website audit with all checks
Crawl target | Discover all pages and endpoints
Login scan | Scan authenticated portions
API scan | Test REST/GraphQL endpoints
Compliance scan | Check PCI DSS, HIPAA requirements

Start Scan via API

# Start full scan on target (a scan with a fixed start date)
# NOTE(review): profile_id is the number 1 here but the string "1" in the
# "Create scan" example above — confirm which type the API accepts.
scan_body='{
    "address": "https://target.com",
    "profile_id": 1,
    "schedule": {
      "disable": false,
      "start_date": "2025-03-30T10:00:00Z",
      "time_sensitive": false
    }
  }'
curl --request POST "https://localhost:3443/api/v1/scans" \
  --header "X-API-CSRF: $API_TOKEN" \
  --header "Content-Type: application/json" \
  --data "$scan_body"

Stop/Resume Scans

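# SCAN_ID below is a placeholder: take the id from the scan list ("Viewing
# Results"). Content-Type is set on the PATCH calls for consistency with the
# POST examples — without it curl labels the JSON body as
# application/x-www-form-urlencoded.

# Pause scan
curl -X PATCH "https://localhost:3443/api/v1/scans/SCAN_ID" \
  -H "X-API-CSRF: $API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"action": "pause"}'

# Resume scan
curl -X PATCH "https://localhost:3443/api/v1/scans/SCAN_ID" \
  -H "X-API-CSRF: $API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"action": "resume"}'

# Delete scan (irreversible: the scan and its findings are removed)
curl -X DELETE "https://localhost:3443/api/v1/scans/SCAN_ID" \
  -H "X-API-CSRF: $API_TOKEN"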

Viewing Results

Get Scan Status

# List all scans — keep only id and status of each entry
curl --silent "https://localhost:3443/api/v1/scans" \
  --header "X-API-CSRF: $API_TOKEN" \
  | jq '.scans[] | {id, status}'

# Get specific scan details (replace SCAN_ID with an id from the list above)
curl --silent "https://localhost:3443/api/v1/scans/SCAN_ID" \
  --header "X-API-CSRF: $API_TOKEN" \
  | jq '.scan'

Export Reports

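# Generate HTML report
# --fail stops an error response (e.g. an auth failure as JSON) from being
# saved under the name "report.html"; curl then exits non-zero instead.
# NOTE(review): a POST to .../report may return a report descriptor rather
# than the rendered HTML — inspect the response before relying on the file.
curl --fail -X POST "https://localhost:3443/api/v1/scans/SCAN_ID/report" \
  -H "X-API-CSRF: $API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"template_id": 1}' > report.html

# Export to PDF (GET is curl's default, so -X GET is not needed)
curl --fail "https://localhost:3443/api/v1/scans/SCAN_ID/report?template_id=2" \
  -H "X-API-CSRF: $API_TOKEN" -o scan_report.pdf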

Vulnerability Details

# Get vulnerabilities in scan — one JSON object per finding
curl --silent "https://localhost:3443/api/v1/scans/SCAN_ID/vulnerabilities" \
  --header "X-API-CSRF: $API_TOKEN" \
  | jq '.vulnerabilities[]'

# Filter by severity (query parameter as given on this page; check the API
# reference for the accepted values)
curl --silent "https://localhost:3443/api/v1/scans/SCAN_ID/vulnerabilities?severity=high" \
  --header "X-API-CSRF: $API_TOKEN" \
  | jq '.'

Target Management

Add Target

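# Create new target
# NOTE(review): criticality is sent as the string "3" while profile_id is a
# number elsewhere on this page — confirm the expected types against the API.
curl -X POST "https://localhost:3443/api/v1/targets" \
  -H "X-API-CSRF: $API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "address": "https://myapp.com",
    "description": "Production application",
    "criticality": "3"
  }'

# Scan target immediately (TARGET_ID: presumably the id returned by the
# create call above). Content-Type added for consistency with that call;
# without it curl sends the JSON as application/x-www-form-urlencoded.
curl -X POST "https://localhost:3443/api/v1/targets/TARGET_ID/scans" \
  -H "X-API-CSRF: $API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"profile_id": 1}'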

Target Groups

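# Create group
# Content-Type is set on both calls for consistency with the other POST
# examples; without it curl labels the JSON as application/x-www-form-urlencoded.
curl -X POST "https://localhost:3443/api/v1/target_groups" \
  -H "X-API-CSRF: $API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"name": "Production Apps"}'

# Add target to group (GROUP_ID / TARGET_ID are placeholders for the ids
# returned by the respective create calls)
curl -X POST "https://localhost:3443/api/v1/target_groups/GROUP_ID/targets" \
  -H "X-API-CSRF: $API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"target_id": "TARGET_ID"}'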

Scheduling & Automation

Scheduled Scans

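# Create recurring scan (weekly)
# Content-Type added for consistency with the create-scan example above.
# The start_date is a fixed timestamp: scheduling a recurring scan with a
# date in the past presumably starts it immediately — adjust before use.
curl -X POST "https://localhost:3443/api/v1/scans" \
  -H "X-API-CSRF: $API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "address": "https://target.com",
    "profile_id": 1,
    "schedule": {
      "disable": false,
      "start_date": "2025-04-01T02:00:00Z",
      "frequency": "weekly",
      "time_sensitive": false
    }
  }'

# List scheduled scans (filter parameter as given on this page — verify it
# against the API reference)
curl -s "https://localhost:3443/api/v1/scans?type=scheduled" \
  -H "X-API-CSRF: $API_TOKEN" | jq '.'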

Compliance & Policies

Compliance Scanning

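# Get available compliance profiles
curl -s "https://localhost:3443/api/v1/compliance_profiles" \
  -H "X-API-CSRF: $API_TOKEN" | jq '.'

# Create PCI DSS scan
# Content-Type added for consistency with the other create-scan examples.
# NOTE(review): profile_id 5 is not among the ids listed under "Scan
# Profiles" (1-4) — take the id from the listing above rather than this literal.
curl -X POST "https://localhost:3443/api/v1/scans" \
  -H "X-API-CSRF: $API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "address": "https://payment.com",
    "profile_id": 5,
    "compliance": "pci_dss"
  }'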

Exclusions & Settings

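# Exclude URLs from scan
# Content-Type added for consistency with the other POST examples.
curl -X POST "https://localhost:3443/api/v1/targets/TARGET_ID/exclusions" \
  -H "X-API-CSRF: $API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"pattern": "/admin/*"}'

# Set login credentials
# The password is a secret: do not write it into the script or the command
# line (argv is visible in `ps` and shell history). jq reads it from the
# environment via $ENV, so it never appears as an argument, and the body is
# sent through stdin. ACUNETIX_LOGIN_PASSWORD is a name chosen for this
# example — export it from a protected env file before running.
: "${ACUNETIX_LOGIN_PASSWORD:?export the scan login password first}"
jq -n '{username: "user@example.com",
        password: $ENV.ACUNETIX_LOGIN_PASSWORD,
        type: "http_auth"}' |
curl -X POST "https://localhost:3443/api/v1/targets/TARGET_ID/credentials" \
  -H "X-API-CSRF: $API_TOKEN" \
  -H "Content-Type: application/json" \
  --data-binary @-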

Advanced Operations

Custom Scan Profiles

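# Create custom profile
# Content-Type added for consistency with the other POST examples.
# NOTE(review): the check names below are as given on this page; verify
# them against the "checks" values returned by the scanning_profiles listing.
curl -X POST "https://localhost:3443/api/v1/scanning_profiles" \
  -H "X-API-CSRF: $API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Custom Scan",
    "checks": [
      "sql_injection",
      "xss",
      "csrf",
      "insecure_auth"
    ]
  }'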

Integrations

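# Webhook notification on scan complete
# Content-Type added for consistency with the other POST examples. The
# receiving endpoint will get scan details, so it should be HTTPS and
# authenticate the sender (the payload format is not shown on this page).
curl -X POST "https://localhost:3443/api/v1/webhooks" \
  -H "X-API-CSRF: $API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "url": "https://my-server.com/webhook",
    "events": ["scan_completed"]
  }'

# Jira integration - post vulnerabilities
# The Jira token is a secret: jq reads it from the environment via $ENV so it
# is never on the command line, and the body is sent through stdin.
# JIRA_API_TOKEN is a name chosen for this example.
: "${JIRA_API_TOKEN:?export the Jira API token first}"
jq -n '{url: "https://jira.company.com",
        username: "acunetix",
        api_token: $ENV.JIRA_API_TOKEN}' |
curl -X POST "https://localhost:3443/api/v1/integrations/jira" \
  -H "X-API-CSRF: $API_TOKEN" \
  -H "Content-Type: application/json" \
  --data-binary @-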

Command-Line Usage (if installed)

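# Check version
acunetix --version

# Start service (Linux)
sudo systemctl start acunetix

# View logs
tail -f /var/log/acunetix/acunetix.log

# Configuration location
# Bare paths are not commands (running them fails), so list them instead.
# conf.json presumably holds the service configuration, so check its
# ownership and mode here — it should not be world-readable.
ls -l /etc/acunetix/conf.json
ls -ld /var/www/acunetix/data/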

Environment Variables

# Endpoint and credential for API calls. The token is a secret: set it in the
# environment (or an env file with restrictive permissions) rather than in a
# script that gets committed or shared.
ACUNETIX_API_TOKEN='your_token'
ACUNETIX_URL='https://localhost:3443'
# Leave this "false" outside disposable dev setups: skipping certificate
# verification lets anyone on the network path read the token above.
ACUNETIX_INSECURE='false'   # Skip SSL verification in dev

Troubleshooting

Service Issues

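# Service won't start
sudo journalctl -u acunetix -n 50

# Reset to defaults
# This presumably wipes the service's stored data (targets, scans, reports):
# back up, or at least export the reports you need, before running it.
sudo systemctl stop acunetix
sudo rm -rf -- /var/lib/acunetix/*
sudo systemctl start acunetix

# Port already in use
# ss ships with iproute2 on current distributions; netstat (net-tools) is
# often no longer installed
sudo ss -tulpn | grep -- ':3443'
sudo lsof -i :3443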

API Authentication

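# Get CSRF token for API
# NOTE(review): this request only returns the account profile; confirm where
# the deployment actually issues the token (the page says "from web UI").
# The session cookie is a credential, so keep it out of argv (visible in
# `ps` and shell history): write the header to a private file once and pass
# it with -H @file. session.hdr is a name chosen for this example.
#   (umask 077; printf 'Cookie: PHPSESSID=%s\n' '<session>' > session.hdr)
curl -s "https://localhost:3443/api/v1/account/profile" \
  -H @session.hdr | jq '.profile'

# Test connectivity
# -k disables certificate verification: acceptable for a loopback
# reachability check against the default self-signed certificate, never for
# calls that carry a token — use --cacert <acunetix-cert.pem> for those.
curl -k "https://localhost:3443" -v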

Best Practices

  • Run scans during low-traffic windows to avoid impact
  • Exclude sensitive areas: /logout, /delete-account
  • Use separate targets for dev/staging/production
  • Schedule weekly or nightly automated scans
  • Review vulnerabilities promptly (CVSS > 7 first)
  • Integrate with CI/CD for pre-deployment scanning
  • Maintain exclusion lists for false positives
  • Keep Acunetix updated for new vulnerability checks
  • Use compliance profiles matching your industry
  • Archive historical reports for audit trails